IOC Report
file.exe


Processes

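Path
Cmdline
Malicious (no value appears in this column for any row below; each row is a Path line followed by its Cmdline line)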
C:\Windows\System32\loaddll64.exe
loaddll64.exe "C:\Users\user\Desktop\file.dll"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\cmd.exe
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\file.dll",#1
C:\Windows\System32\rundll32.exe
rundll32.exe C:\Users\user\Desktop\file.dll,JNI_OnLoad
C:\Windows\System32\rundll32.exe
rundll32.exe "C:\Users\user\Desktop\file.dll",#1
C:\Windows\System32\rundll32.exe
rundll32.exe C:\Users\user\Desktop\file.dll,Java_com_sun_imageio_plugins_jpeg_JPEGImageReader_abortRead
C:\Windows\System32\rundll32.exe
rundll32.exe C:\Users\user\Desktop\file.dll,Java_com_sun_imageio_plugins_jpeg_JPEGImageReader_disposeReader

Memdumps

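Base Address
Regiontype
Protect
Malicious (no value appears in this column for any row below; each row is a Base Address line, a Regiontype line and a Protect line)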
1A4022D0000
heap
page read and write
127EFFE000
stack
page read and write
1A4022D7000
heap
page read and write
2B5F81B0000
heap
page read and write
1F78DF20000
heap
page read and write
1BF79170000
heap
page read and write
1F7912F3000
heap
page read and write
127EF7E000
stack
page read and write
1A4022ED000
heap
page read and write
2B5F80E0000
heap
page read and write
2B5F81DE000
heap
page read and write
1BF78EB0000
heap
page read and write
1F78F9E0000
heap
page read and write
1BF78F4E000
heap
page read and write
1A4023D0000
heap
page read and write
1A4022F9000
heap
page read and write
1BF791C0000
heap
page read and write
1BF78F4A000
heap
page read and write
1A4022EA000
heap
page read and write
1A4022FA000
heap
page read and write
CC3ECFE000
stack
page read and write
1A405E90000
heap
page read and write
1A402317000
heap
page read and write
1F78DF40000
heap
page read and write
1BF791DC000
heap
page read and write
2B5F81E3000
heap
page read and write
CC3ED7F000
stack
page read and write
1F78DFA0000
heap
page read and write
2B5F9C33000
heap
page read and write
1BF78F53000
heap
page read and write
1376C8B0000
heap
page read and write
1376C990000
heap
page read and write
1F78DF94000
heap
page read and write
2B5F81C9000
heap
page read and write
1BF7A980000
heap
page read and write
1A403F20000
heap
page read and write
2B5F81FB000
heap
page read and write
1BF78F53000
heap
page read and write
1F791740000
trusted library allocation
page read and write
2B5F8000000
heap
page read and write
1A4022EF000
heap
page read and write
2B5FB3F0000
trusted library allocation
page read and write
1F78DF87000
heap
page read and write
1BF78F7A000
heap
page read and write
1F78E0C0000
heap
page read and write
1BF78F30000
heap
page read and write
1A402660000
heap
page read and write
1BF78F59000
heap
page read and write
1A4024D0000
heap
page read and write
2B5F8100000
heap
page read and write
1F78E0F5000
heap
page read and write
2B5F81C9000
heap
page read and write
1BF78F46000
heap
page read and write
1A4022F3000
heap
page read and write
1A405690000
trusted library allocation
page read and write
127EEFF000
stack
page read and write
5156C7F000
stack
page read and write
51569CF000
stack
page read and write
1F78DF8E000
heap
page read and write
1F78DFB1000
heap
page read and write
1F78E0FC000
heap
page read and write
1A4022E6000
heap
page read and write
CC3EDFF000
stack
page read and write
1A4022F3000
heap
page read and write
2B5F81FB000
heap
page read and write
1F78DE40000
heap
page read and write
1BF78F4A000
heap
page read and write
FCC233A000
stack
page read and write
127EE7A000
stack
page read and write
1A4022FE000
heap
page read and write
51568CA000
stack
page read and write
1BF78F5A000
heap
page read and write
1F7912F0000
heap
page read and write
2B5F81CE000
heap
page read and write
2B5F817C000
heap
page read and write
1BF78E90000
heap
page read and write
1F78DF77000
heap
page read and write
1F78DFBB000
heap
page read and write
1BF78F38000
heap
page read and write
1A4022EA000
heap
page read and write
2B5F81B8000
heap
page read and write
1F78DF93000
heap
page read and write
1A402303000
heap
page read and write
2B5F9B90000
heap
page read and write
1BF78F7A000
heap
page read and write
1A40230F000
heap
page read and write
1BF78DB0000
heap
page read and write
2B5F8170000
heap
page read and write
1F78DF93000
heap
page read and write
2B5F81FB000
heap
page read and write
24CECFF000
stack
page read and write
1F78DF8B000
heap
page read and write
1A40266B000
heap
page read and write
2B5FBBF0000
heap
page read and write
24CE96C000
stack
page read and write
1A403F60000
heap
page read and write
515694E000
stack
page read and write
1BF78F6F000
heap
page read and write
1F78DF93000
heap
page read and write
1BF7C650000
trusted library allocation
page read and write
1BF78F5E000
heap
page read and write
2B5F8175000
heap
page read and write
1376C9BD000
heap
page read and write
1F78DF8B000
heap
page read and write
FCC23BE000
stack
page read and write
1BF78F77000
heap
page read and write
FCC267F000
stack
page read and write
1A4022F9000
heap
page read and write
CC3EC7A000
stack
page read and write
1BF791D0000
heap
page read and write
2B5F9C30000
heap
page read and write
1BF78F63000
heap
page read and write
1F78E0F0000
heap
page read and write
1A403F63000
heap
page read and write
1BF791D5000
heap
page read and write
1BF791C3000
heap
page read and write
1376C9B9000
heap
page read and write
1BF78F4F000
heap
page read and write
2B5F81D3000
heap
page read and write
1BF78F7A000
heap
page read and write
1F78DF98000
heap
page read and write
2B5F81C6000
heap
page read and write
1A4024B0000
heap
page read and write
1376C9B0000
heap
page read and write
1BF78F59000
heap
page read and write
1A40231B000
heap
page read and write
1F78DF70000
heap
page read and write
1A402665000
heap
page read and write
1376C9C9000
heap
page read and write
24CEDFF000
stack
page read and write
1F78DFA6000
heap
page read and write
This listing is truncated: 121 further memdumps are hidden on the original page.